
Ran combofix now lost my IP configuration


  • This topic is locked
40 replies to this topic

#1 ReganV

Posted 17 September 2012 - 06:14 PM

Hello Everyone.

My name is Regan and I live in Texas.
I'm having some problems with my Clevo after running hitman 3.5 and combofix on my Clevo p170hmx. It's weird b/c I've run them in the past and no problems, all the devices, Dell laptop and a kendal all work on my Surfboard sb6121 and Cisco ea4500.
I've tried winsock reset, uninstalling software, drivers on Intel ultimate n-6300 and reinstalling them, I've run minitoolbox. I just don't know what to do here. I've searched the web for four days now.

I'm getting Windows Network Diagnostics telling me (wireless network connection "doesn't have a valid IP configuration").
I'm not sure, but it seems like maybe I'm missing some registry files. If anyone could help me with this problem I'd be more than happy to pay them for their time.

Please let me know what I need to post as far as information.

Thank you very much!
Regan


Here is the log I was asked to post by Broni, thank you.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Regan at 17:59:55 on 2012-09-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8169.6196 [GMT -5:00]
.
AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite\upeksvr.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Logitech\SetPointP\LBTWiz.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Protector Suite\psqltray.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
c:\Program Files (x86)\Hotkey\PowerBiosServer.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = Preserve
mStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [Power2GoExpress] NA
uRun: [OfficeSyncProcess] c:\program files (x86)\common files\microsoft shared\virtualization handler\cvh.exe" /quietlaunch "msosync 9014006604090000
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
uRun: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [THX Audio Control Panel] "c:\program files (x86)\creative\thx trustudio pro\thxaudiocp\thxaudio.exe" /r
mRun: [IAStorIcon] c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe
mRun: [DivXUpdate] "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/speedoptimizer/hsi/vzTCPConfig.CAB
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} - hxxp://www.pcpitstop.com/internet/pcpConnCheck.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: Interfaces\{133A3110-1F0D-4BA7-819E-3CDA10F1C87D} : NameServer = 0.0.0.0
TCP: Interfaces\{133A3110-1F0D-4BA7-819E-3CDA10F1C87D}\7594E4D255A403151574C494B44583D22393432303 : NameServer = 0.0.0.0
LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
BHO-X64: link filter bho - No File
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [THX Audio Control Panel] "c:\program files (x86)\creative\thx trustudio pro\thxaudiocp\thxaudio.exe" /r
mRun-x64: [IAStorIcon] c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe
mRun-x64: [DivXUpdate] "c:\program files (x86)\divx\divx update\divxupdate.exe" /checknow
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE-X64: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Regan\AppData\Roaming\Mozilla\Firefox\Profiles\95vk4lra.default\
FF - prefs.js: browser.search.selectedEngine - Arccosine
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.arccosine.com/search.php?q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Regan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Regan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Regan\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extentions.y2layers.installId - 322c0fed-2142-4e08-889e-9d82b19304ef
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-4-29 913792]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-12 661504]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -r [?]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-3-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-3-30 1001808]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-13 135952]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-31 13592]
R2 IOCBIOS;IOCBIOS;C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\iOCbios.sys [2012-9-16 34304]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-15 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-15 676936]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2011-2-15 33792]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-31 2656280]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-3-30 1321296]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys --> C:\Windows\system32\DRIVERS\ICCWDT.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/12 01:30:25;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-13 136176]
S2 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-1-4 340240]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-30 250568]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\system32\DRIVERS\lgandbus64.sys --> C:\Windows\system32\DRIVERS\lgandbus64.sys [?]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\system32\DRIVERS\lganddiag64.sys --> C:\Windows\system32\DRIVERS\lganddiag64.sys [?]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgandgps64.sys --> C:\Windows\system32\DRIVERS\lgandgps64.sys [?]
S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\system32\DRIVERS\lgandmodem64.sys --> C:\Windows\system32\DRIVERS\lgandmodem64.sys [?]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-7-4 130976]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-13 136176]
S3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-29 129976]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys --> C:\Windows\system32\DRIVERS\tapoas.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 352248]
S4 XTUService;Intel® Extreme Tuning Utility;C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [2010-11-24 21768]
.
=============== Created Last 30 ================
.
2012-09-17 17:47:41 -------- d-----w- C:\Program Files (x86)\Free Window Registry Repair
2012-09-17 16:30:00 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{90DBC1FA-DF42-457B-A3BE-8A09D3C42BF1}\offreg.dll
2012-09-17 03:12:48 77312 ----a-w- C:\Users\Regan\mswin32v16.dll
2012-09-17 01:01:31 -------- d-----w- C:\ProgramData\Roaming
2012-09-15 23:33:57 -------- d-----w- C:\Users\Regan\AppData\Roaming\Malwarebytes
2012-09-15 23:33:31 -------- d-----w- C:\ProgramData\Malwarebytes
2012-09-15 23:33:30 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-15 23:33:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-15 22:39:26 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2012-09-15 02:13:35 132624 ----a-w- C:\Windows\System32\drivers\JME.sys
2012-09-15 01:03:19 -------- d-----w- C:\Program Files (x86)\Log Parser 2.2
2012-09-14 02:18:55 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-14 02:10:53 98816 ----a-w- C:\Windows\sed.exe
2012-09-14 02:10:53 518144 ----a-w- C:\Windows\SWREG.exe
2012-09-14 02:10:53 256000 ----a-w- C:\Windows\PEV.exe
2012-09-14 02:10:53 208896 ----a-w- C:\Windows\MBR.exe
2012-09-14 02:10:48 -------- d-s---w- C:\ComboFix
2012-09-14 02:07:11 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2012-09-14 02:00:43 -------- d-----w- C:\ProgramData\HitmanPro
2012-09-14 01:59:47 -------- d-----w- C:\Program Files (x86)\Yontoo
2012-09-14 01:59:46 -------- d-----w- C:\ProgramData\Tarma Installer
2012-09-14 00:09:26 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-09-14 00:09:20 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-12 16:22:56 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 16:22:56 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 16:22:56 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 16:22:56 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 16:22:55 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 16:22:55 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 16:22:55 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-11 15:00:21 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{90DBC1FA-DF42-457B-A3BE-8A09D3C42BF1}\mpengine.dll
.
==================== Find3M ====================
.
2012-09-14 00:09:16 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-09-13 22:48:54 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-13 22:48:54 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-15 04:51:07 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-08-15 04:51:07 67072 ----a-w- C:\Windows\splwow64.exe
2012-08-15 04:51:07 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-08-15 04:51:07 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-08-15 04:50:55 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-08-15 04:50:55 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-08-15 04:50:55 136704 ----a-w- C:\Windows\System32\browser.dll
2012-08-15 04:50:44 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-15 04:50:20 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-08-15 04:50:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-08-15 04:50:08 956928 ----a-w- C:\Windows\System32\localspl.dll
2012-08-15 04:49:56 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-08-15 04:49:31 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-15 04:49:31 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-15 04:49:31 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-15 04:49:31 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-15 04:49:31 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-15 04:49:31 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-15 04:49:31 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-15 04:49:31 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-15 04:49:31 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-15 04:49:31 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-07-23 20:59:14 24960 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2012-07-21 20:19:15 0 ----a-w- C:\Windows\SysWow64\sho8E61.tmp
2012-07-01 19:32:39 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-07-01 19:32:39 366592 ----a-w- C:\Windows\System32\qdvd.dll
.
============= FINISH: 18:01:05.17 ===============

Edited by ReganV, 17 September 2012 - 09:32 PM.




#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:06:47 AM

Posted 18 September 2012 - 06:50 AM

Hi,

Have you tried accessing WiFi through safe mode with networking? Does it work there? Could you please provide the log from ComboFix (C:\combofix.txt) and HitmanPro (if you saved it)? Did they find something? If so, what?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!



#3 ReganV


Posted 18 September 2012 - 11:15 AM

Hello
Thank you for your help!
Yes, I have tried to boot into safe mode with networking on; it did not work, and as far as ComboFix and Hitman go, I have no log.
I can swear I saved them, but Hitman found 177 problems but I don't know what problems it found, and I don't know about ComboFix.

Here's what I've found as far as logs go:
Thanks again for your response!


MiniToolBox by Farbar Version: 23-07-2012
Ran by Regan (administrator) on 17-09-2012 at 11:28:25
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
JMicron PCI Express Gigabit Ethernet Adapter = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 6 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 7 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Regan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #6
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #5
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cc74:fa95:6b0f:a8c8%26(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.168.200(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 587211991
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-77-05-2F-00-90-F5-BB-2B-B9
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : 00-90-F5-BB-2B-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B8A2FF10-D1EC-4CBF-AF5F-FCA532DE2182}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{93740787-608D-4F46-ACBA-469F0EB2BED6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{241D4040-8BF3-44FE-913D-80A4655AC243}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{717772F8-1153-444F-8AE7-4D3A9CAFA79C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: fec0:0:0:ffff::1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=64
Reply from 127.0.0.1: bytes=32 time=2ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
28...00 24 d7 a7 1b 05 ......Microsoft Virtual WiFi Miniport Adapter #6
27...00 24 d7 a7 1b 05 ......Microsoft Virtual WiFi Miniport Adapter #5
26...00 24 d7 a7 1b 04 ......Intel® Centrino® Ultimate-N 6300 AGN
21...00 90 f5 bb 2b b9 ......JMicron PCI Express Gigabit Ethernet Adapter
1...........................Software Loopback Interface 1
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 169.254.168.200 281
169.254.168.200 255.255.255.255 On-link 169.254.168.200 281
169.254.255.255 255.255.255.255 On-link 169.254.168.200 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 169.254.168.200 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 169.254.168.200 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
26 281 fe80::/64 On-link
26 281 fe80::cc74:fa95:6b0f:a8c8/128
On-link
1 306 ff00::/8 On-link
26 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/17/2012 11:28:49 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:44 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:39 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:33 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:28 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:23 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:18 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:13 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:08 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/17/2012 11:28:03 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).


System errors:
=============
Error: (09/17/2012 11:04:28 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044

Error: (09/17/2012 11:04:27 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated with the following error:
%%13876

Error: (09/17/2012 11:04:27 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/16/2012 11:11:54 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147014853

Error: (09/16/2012 11:09:51 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044

Error: (09/16/2012 11:09:51 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044

Error: (09/16/2012 11:09:51 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service terminated with the following error:
%%10044

Error: (09/16/2012 11:09:51 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated with the following error:
%%13876

Error: (09/16/2012 11:09:51 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service terminated with the following error:
%%13876

Error: (09/16/2012 11:09:51 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (09/17/2012 11:28:49 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:44 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:39 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:33 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:28 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:23 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:18 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:13 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:08 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/17/2012 11:28:03 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)


=========================== Installed Programs ============================

µTorrent (Version: 2.2.1)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Access Series Upgrade
Adobe AIR (Version: 2.7.0.19530)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Advanced SystemCare 5 (Version: 5.4.0)
AIO_CDA_ProductContext (Version: 130.0.365.000)
AIO_CDA_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.365.000)
Any Video Converter 3.3.2
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Battlefield 3™ (Version: 1.0.0.0)
BufferChm (Version: 130.0.331.000)
C4100 (Version: 130.0.365.000)
c4100_Help (Version: 82.0.256.000)
Call of Duty: Black Ops
Camera Driver
Cheat Engine 6.1
Cisco Connect (Version: 1.4.12100.0)
Cool MP3 Splitter 2.02
Copy (Version: 130.0.428.000)
CyberLink Media Suite (Version: 8.0.2401)
CyberLink Power2Go (Version: 7.0.0.1126)
CyberLink PowerDVD 10 (Version: 10.0.2312.52)
DAEMON Tools Lite (Version: 4.45.2.0287)
Data Lifeguard Diagnostic for Windows 1.24
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DiRT 3 (Version: 1.0.0001.130)
DivX Setup (Version: 2.6.1.8)
DocProc (Version: 13.0.0.0)
DreamScene Seven version 1.3 (Version: 1.3)
Dropbox (Version: 1.1.35)
EA SPORTS Game Face Browser Plugin 1.5.3.0 (Version: 1.5.3.0)
eReg (Version: 1.20.138.34)
Fax (Version: 130.0.418.000)
Free RAR Extract Frog (Version: 3.20)
Futuremark SystemInfo (Version: 4.0.0.0)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
Homefront
Hotkey 3.3029 (Version: 3.3029)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
ieSpell (Version: 2.6.4 (build 573))
IHA_MessageCenter (Version: 1.8.17)
Intel Extreme Tuning Utility 2.1.408.41 (Version: 2.1.408.41)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.1.0.0537)
Intel® PROSet/Wireless WiFi Software (Version: 14.03.1000)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® SMBus
Intel® Watchdog Timer Driver (Intel® WDT)
ITE Infrared Transceiver (Version: 1.00.0000)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JMicron Ethernet Adapter NDIS Driver (Version: 6.0.31.6)
JMicron Flash Media Controller Driver (Version: 1.0.54.1)
Just Cause 2
Kaspersky Internet Security 2011 (Version: 11.0.2.556)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
LG United Mobile Driver (Version: 3.2.1)
Log Parser 2.2 (Version: 2.2.10)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (Version: 3.4.2350.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Monitor Calibration Wizard 1.0
Monkey's Audio
Movie Rotator 1.2
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero Burning ROM 11 (Version: 11.0.10500)
Nero Burning ROM 11 (Version: 11.0.12500.24.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.15600.1.17)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.11500.28.0)
nero.prerequisites.msi (Version: 11.0.20008)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NVIDIA 3D Vision Controller Driver (Version: 275.33)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 268.49 (Version: 268.49)
NVIDIA Graphics Driver 268.49 (Version: 268.49)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA nView 135.85 (Version: 135.85)
NVIDIA nView Desktop Manager (Version: 6.14.10.13585)
NVIDIA PerfHUD 64 bit (Version: 1)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenAL
OpenDNS Updater 2.2.1 (Version: 2.2.1)
OsMonitor Server 9.985
Primal Pictures Interactive Thorax and Abdomen
Protector Suite 2011 (Version: 5.9.5.7017)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.72.80.56)
RAD Video Tools
Realtek High Definition Audio Driver (Version: 6.0.1.6410)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
Router Screen Capture (Version: 2.0.2)
SaveVid Plug-in (Version: 2.0.0.355)
Scan (Version: 13.0.0.0)
Simple Port Forwarding (Version: 3.3.0)
Smart Defrag 2 (Version: 2.3)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.1.14.0)
System Requirements Lab
TamoSoft Throughput Test (Version: 1.0)
TeamSpeak 3 Client
The Witcher 2 (Version: 1.00.0000)
THX TruStudio Pro (Version: TAMB-CVS1D-1-LB R07)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
TrueCrypt (Version: 7.0a)
Ubisoft Game Launcher (Version: 1.0.0.0)
Unity Web Player (Version: )
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VLC (Version: 1.0.0.0)
VLC media player 1.1.11 (Version: 1.1.11)
WebCam Installer (Version: 3.32)
WebReg (Version: 130.0.132.017)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Intel (NETwNs64) net (12/08/2011 14.3.1.1) (Version: 12/08/2011 14.3.1.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Yontoo 1.10.02 (Version: 1.10.02)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 8169.34 MB
Available physical RAM: 6218.96 MB
Total Pagefile: 16336.86 MB
Available Pagefile: 14085.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.19 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:465.56 GB) (Free:299.25 GB) NTFS
2 Drive d: (HOMEPREMIUM) (CDROM) (Total:3.84 GB) (Free:0 GB) CDFS
3 Drive e: (Space) (Fixed) (Total:465.76 GB) (Free:262.24 GB) NTFS
4 Drive f: (My GS Drive) (Removable) (Total:7.47 GB) (Free:5.58 GB) FAT32

========================= Users: ========================================

User accounts for \\REGAN-PC

Administrator Guest Lindsey
Regan

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

04-09-2012 14:58:39 Windows Update
07-09-2012 17:26:39 Windows Update
11-09-2012 14:59:53 Windows Update
13-09-2012 16:39:17 Windows Update
14-09-2012 00:08:56 Installed Java 7 Update 7 (64-bit)
14-09-2012 02:42:05 Restore Operation
14-09-2012 03:58:54 Removed Zamzom Wireless
14-09-2012 06:46:07 Restore Operation
15-09-2012 01:03:01 Installed Log Parser 2.2
15-09-2012 02:28:55 Restore Operation
17-09-2012 00:27:29 Removed Intel® PROSet/Wireless WiFi Software.
17-09-2012 00:29:31 Removed Microsoft Network Monitor 3.4
17-09-2012 00:30:40 Removed PhoenixRC Demo.
17-09-2012 00:38:26 Installed Intel® PROSet/Wireless Software for Bluetooth® Technology
17-09-2012 00:59:19 Installed Intel® PROSet/Wireless WiFi Software.

**** End of log ****




Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Users\Regan>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Regan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #6
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #5
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cc74:fa95:6b0f:a8c8%26(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.168.200(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 587211991
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-77-05-2F-00-90-F5-BB-2B-B

DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : 00-90-F5-BB-2B-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B8A2FF10-D1EC-4CBF-AF5F-FCA532DE2182}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

C:\Users\Regan>

#4 myrti


Posted 18 September 2012 - 05:11 PM

Hi,

The Combofix.txt log should be visible in C:\. Could you take a look? If not, could you let me know if there's a folder called qoobox there?

Do you have a system restore point from before running ComboFix that you could restore to?

myrti



#5 ReganV


Posted 18 September 2012 - 06:14 PM

Yes Sir, I did look for it and I even searched for it but did not find it. I just looked for qoobox and didn't find it either.

One note: I did download Malwarebytes and ran it, plus I've got OpenDNS Updater v2.2.1 installed and my OpenDNS account is telling me I've got viruses. I logged on from my working wireless Dell; I don't know if this matters?

Thank you Regan

#6 myrti


Posted 18 September 2012 - 06:51 PM

Hi,

can you give me the exact message from OpenDNS? I wasn't aware they did warnings. This is a different PC we are now talking about, yes?

regards myrti



#7 ReganV


Posted 18 September 2012 - 10:55 PM

I found this post on OpenDNS to show you. It said something along the lines of Malware/Botnet Activity Detected on my dashboard, and as far as the PCs go, we are still talking about the Clevo/Sager. I'm talking to you on my wife's Dell Duo; it's working fine but the network cuts off & on sometimes, but it's always done that, I'm sure it's a setting on the laptop.
PS3 network is working, cell phones' wifi working, Kindle is working.


This is the post I found: http://forums.opendns.com/comments.php?DiscussionID=15537

Thank you Regan

#8 myrti


Posted 19 September 2012 - 06:13 AM

Hi ReganV,

what I am currently not understanding is where you are receiving those messages. Are you connecting the PC that can't connect wirelessly through a cable and then get a warning about bot activity? Or are you connecting with a different device (wirelessly or otherwise) and get the warning there?

Is this the first time you got the warning or not?

Have you looked for the system restore points? Are there any?

regards myrti



#9 ReganV


Posted 19 September 2012 - 02:37 PM

Hello, Ms Myrti

The Malware/Botnet Activity Detected message: I saw it by going to my dashboard at the OpenDNS website with my wife's Dell Duo. My PC, the Clevo/Sager, is the only device not connecting; I'm getting that Windows IP config settings error I first posted about.

That was the first time I saw the message on the OpenDNS dashboard, and by the way I only have the OpenDNS Updater app on my Clevo/Sager.

I have restore points and I've tried to restore both ways, from CD and from Windows, and in safe mode as well, plus tried four restore points, unsuccessful.


Thank you Regan

P.S. I didn't see your gender, I called you Sir in an earlier post, I apologize for that!

Edited by ReganV, 19 September 2012 - 02:45 PM.


#10 myrti


Posted 20 September 2012 - 03:55 AM

Hi.

no worries about the Sir. :wink: It happens quite a lot more often than you'd think.

What doesn't work with the system restore point? Do they complete but you don't gain internet back? Does it throw an error?

Please go to

C:\WINDOWS\ERDNT\Hiv-backup\erdnt.exe

Right click on it and select Run as Admin. Then click OK; this should restore the backup registry hives.

Restart the PC and see if you're able to connect now.

regards myrti



#11 ReganV


Posted 20 September 2012 - 10:09 AM

Hi

You are my new best friend! It's online now, YEAH!!!!!!
I went to C:\WINDOWS\ERDNT\Hiv-backup\erdnt.exe and ran it like you said, and sure enough it found a problem in the reg and fixed it!
Looks like my registry was jacked up; combofix must have jacked my registry.

THANK YOU THANK YOU THANK YOU !!

Please tell me a fair price, I'd like to pay you for your time. If you don't want to post it here, please email me reganvowels@gmail.com or send me a PM.

Thanks again Regan

Edited by ReganV, 20 September 2012 - 10:10 AM.


#12 myrti


Posted 20 September 2012 - 10:50 AM

Heya ReganV,

no need to pay, I'm happy to help. :) However can you please help us by providing us with a new log from MiniToolbox and the following files, so that we can determine what exactly went wrong!

All we would need from you, is to upload us the following files:
C:\Windows\System32\config\system.BAK
C:\WINDOWS\ERDNT\Hiv-backup\System

As those are rather large files, you won't be able to attach them here. Instead please click the following link and submit the files through the interface: http://www.bleepingcomputer.com/submit-malware.php?channel=100&lm=1

Thanks again,
myrti



#13 ReganV


Posted 20 September 2012 - 09:32 PM

Hi
Thanks again :0}

I tried to upload the files as you asked, but the max upload is 5mb and the SYSTEM file is 24.4mb and the SYSTEM.bak is 25.5mb. Here is the minitoolbox.log you asked for; if there is something else I can do, let me know.

Thanks, Regan

P.S. My PayPal account is down for the moment but will be up soon. I will and want to send you something in return for your help. Thank you!

MiniToolBox by Farbar Version: 23-07-2012
Ran by Regan (administrator) on 20-09-2012 at 21:12:27
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/20/2012 07:54:58 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.5456 - Unrecoverable system error.

Error: (09/20/2012 09:50:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2012 09:47:40 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:35 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:30 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:25 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:20 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:15 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:10 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).

Error: (09/20/2012 09:47:04 AM) (Source: WcesComm) (User: )
Description: Windows Mobile-based device failed to connect due to Fatal (0x80004005) failure (see data for failure code).


System errors:
=============
Error: (09/20/2012 07:57:46 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (09/20/2012 09:49:52 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
nm3

Error: (09/20/2012 09:49:31 AM) (Source: Service Control Manager) (User: )
Description: The IMF Service service failed to start due to the following error:
%%2

Error: (09/20/2012 09:49:31 AM) (Source: Service Control Manager) (User: )
Description: The Windows Biometric Service service depends on the Credential Manager service which failed to start because of the following error:
%%1058

Error: (09/20/2012 09:49:27 AM) (Source: Service Control Manager) (User: )
Description: The HitmanPro Scheduler service failed to start due to the following error:
%%2

Error: (09/20/2012 09:49:25 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:47:03 AM on ?9/?20/?2012 was unexpected.

Error: (09/20/2012 09:48:45 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (09/18/2012 04:07:01 PM) (Source: Service Control Manager) (User: )
Description: The Wireless PAN DHCP Server service terminated unexpectedly. It has done this 3 time(s).

Error: (09/18/2012 04:05:54 PM) (Source: Service Control Manager) (User: )
Description: The Wireless PAN DHCP Server service terminated unexpectedly. It has done this 2 time(s).

Error: (09/18/2012 10:57:22 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service terminated with the following error:
%%-2147014853


Microsoft Office Sessions:
=========================
Error: (09/20/2012 07:54:58 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 2.0.50727.5456 - Unrecoverable system error.

Error: (09/20/2012 09:50:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2012 09:47:40 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:35 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:30 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:25 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:20 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:15 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:10 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)

Error: (09/20/2012 09:47:04 AM) (Source: WcesComm)(User: )
Description: Fatal (0x80004005)


========================= Devices: ================================

Name: Microsoft Network Monitor 3 Driver
Description: Microsoft Network Monitor 3 Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nm3
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Restore Points ==================================

20-09-2012 14:54:23 Windows Update

**** End of log ****

#14 myrti


Posted 21 September 2012 - 06:25 AM

Hi,

could you please try to zip the hives and if they're smaller than 5MB try uploading them again. If that doesn't work, let me know and I'll PM you my email, so that we can exchange them per mail. But zipping should be really effective and hopefully allow you to upload them.

EDIT:
Sorry I should have been more specific for the MiniToolbox, can you please run it once more and make sure the following settings are checked:
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration

regards myrti

Edited by myrti, 21 September 2012 - 06:38 AM.



#15 ReganV


Posted 21 September 2012 - 07:52 PM

Ok, myrti
:thumbsup:
I got it done!
If you need anything, please let me know .

Thank you again, you've been more than helpful! :clapping:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Regan (administrator) on 21-09-2012 at 19:36:23
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
JMicron PCI Express Gigabit Ethernet Adapter = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled taskoffload=enabled
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 2" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection 3" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Bluetooth Network Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Bluetooth Network Connection 2" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set subinterface interface=?7. subinterface=wireless_0 mtu=1500
set subinterface interface=?7. subinterface=ethernet_6 mtu=1500


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Regan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-A7-1B-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dd76:8e01:6c16:f697%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.138(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 20, 2012 9:50:29 AM
Lease Expires . . . . . . . . . . : Saturday, September 22, 2012 7:26:34 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301999319
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-77-05-2F-00-90-F5-BB-2B-B9
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : 00-90-F5-BB-2B-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{133A3110-1F0D-4BA7-819E-3CDA10F1C87D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E4BD1A4A-CACC-4149-BE5E-C80E2AB51DE9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F320CFDA-DCA3-4713-841C-9DDF64F7831B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FB0D3C90-C6A2-4C3F-BDE3-84C8C8849D3E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: google.com
Addresses: 2001:4860:4002:801::1007
74.125.227.41
74.125.227.32
74.125.227.33
74.125.227.36
74.125.227.37
74.125.227.38
74.125.227.39
74.125.227.34
74.125.227.35
74.125.227.46
74.125.227.40


Pinging google.com [74.125.227.41] with 32 bytes of data:
Reply from 74.125.227.41: bytes=32 time=14ms TTL=56
Reply from 74.125.227.41: bytes=32 time=10ms TTL=56

Ping statistics for 74.125.227.41:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 14ms, Average = 12ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=50ms TTL=52
Reply from 98.138.253.109: bytes=32 time=69ms TTL=52

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 50ms, Maximum = 69ms, Average = 59ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 24 d7 a7 1b 05 ......Microsoft Virtual WiFi Miniport Adapter #2
13...00 24 d7 a7 1b 05 ......Microsoft Virtual WiFi Miniport Adapter
12...00 24 d7 a7 1b 04 ......Intel® Centrino® Ultimate-N 6300 AGN
11...00 90 f5 bb 2b b9 ......JMicron PCI Express Gigabit Ethernet Adapter
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.138 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.138 276
192.168.1.138 255.255.255.255 On-link 192.168.1.138 276
192.168.1.255 255.255.255.255 On-link 192.168.1.138 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.138 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.138 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
12 276 fe80::dd76:8e01:6c16:f697/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

**** End of log ****
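The IP configuration logs in this thread are read by eye. As an added example (not part of any post, and not MiniToolBox or BleepingComputer code), the Python below parses `ipconfig /all` text in the flattened form these logs have, classifies each adapter, and lists DNS servers that are neither allow-listed nor the adapter's own gateway. The state labels, the `allowed` list and the sample text are assumptions of this example; the sample is constructed to resemble the working state posted above plus one adapter without a DHCP lease.

```python
import ipaddress
import re

# Constructed sample (not a log from this thread), with wrapped DNS lines unindented.
SAMPLE = """\
Windows IP Configuration

Host Name . . . . . . . . . . . . : Example-PC

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Example Wireless Adapter
DHCP Enabled. . . . . . . . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.138(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
192.168.1.1

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Example Ethernet Adapter
DHCP Enabled. . . . . . . . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Description . . . . . . . . . . . : Example Wireless Adapter 2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration IPv4 Address. . : 169.254.17.23(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
"""

HEADER = re.compile(r"^(?P<kind>.+?) adapter (?P<name>.+):$")
# A field line has dot leaders and whitespace before the colon; IPv6 text does not.
FIELD = re.compile(r"^(?P<key>[^:]+?)[\s.]*\s:\s*(?P<val>.*)$")
MULTI = {"DNS Servers", "Default Gateway"}  # fields whose values wrap onto extra lines


def _ip(text):
    """Parse '192.168.1.138(Preferred)' or 'fe80::1%12' into an address, else None."""
    token = re.split(r"[%(\s]", text.strip(), maxsplit=1)[0]
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None


def parse_ipconfig(text):
    """Parse `ipconfig /all` text into {adapter name: {field: [values]}}."""
    adapters, current, last_key = {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER.match(line)
        if header:
            current = adapters.setdefault(header["name"], {})
            last_key = None
            continue
        field = FIELD.match(line)
        if field and current is not None:
            last_key = field["key"]
            current.setdefault(last_key, [])
            if field["val"]:
                current[last_key].append(field["val"])
        elif current is not None and last_key in MULTI and _ip(line):
            current[last_key].append(line)  # wrapped value of a multi-valued field
        else:
            last_key = None  # blank line or unrelated output ends any wrapped field
    return adapters


def assess(fields):
    """Classify one adapter: disconnected, no-ipv4, apipa, no-gateway or ok."""
    if any("disconnected" in v.lower() for v in fields.get("Media State", [])):
        return "disconnected"
    found = [_ip(v) for key in ("IPv4 Address", "Autoconfiguration IPv4 Address")
             for v in fields.get(key, [])]
    v4 = [a for a in found if a and a.version == 4]
    if not v4:
        return "no-ipv4"
    if any(a.is_link_local for a in v4):
        return "apipa"  # 169.254.0.0/16: the adapter configured itself, no DHCP lease
    gateways = [g for g in map(_ip, fields.get("Default Gateway", []))
                if g and g.version == 4]
    return "ok" if gateways else "no-gateway"


def unexpected_dns(fields, allowed):
    """DNS servers that are neither allow-listed nor the adapter's own gateway."""
    expected = {ipaddress.ip_address(a) for a in allowed}
    expected.update(g for g in map(_ip, fields.get("Default Gateway", [])) if g)
    servers = [s for s in map(_ip, fields.get("DNS Servers", [])) if s]
    return [str(s) for s in servers if s not in expected]


def report(text, allowed_dns):
    """Return {adapter name: (state, [unexpected DNS servers])}."""
    return {name: (assess(f), unexpected_dns(f, allowed_dns))
            for name, f in parse_ipconfig(text).items()}


if __name__ == "__main__":
    for name, (state, dns) in report(SAMPLE, ["208.67.222.222", "208.67.220.220"]).items():
        print(f"{name}: {state}; unexpected DNS: {dns or 'none'}")
```
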



